From 324241118a350eae37a7909306817f582d0db5b6 Mon Sep 17 00:00:00 2001 From: Todd Malsbary Date: Wed, 19 Jan 2022 11:33:11 -0800 Subject: [PATCH] Upgrade Flux to v0.25.3 Signed-off-by: Todd Malsbary Change-Id: Id1d9d64d077e2edeffe10a492e8deea7a332909d --- deploy/cluster/templates/flux-addon.yaml | 286 ++++++++++++++++----- .../cluster-icn/flux-system/gotk-components.yaml | 286 ++++++++++++++++----- env/lib/common.sh | 2 +- 3 files changed, 451 insertions(+), 123 deletions(-) diff --git a/deploy/cluster/templates/flux-addon.yaml b/deploy/cluster/templates/flux-addon.yaml index 8702920..c040253 100644 --- a/deploy/cluster/templates/flux-addon.yaml +++ b/deploy/cluster/templates/flux-addon.yaml @@ -4,7 +4,8 @@ apiVersion: v1 data: flux-system.yaml: | --- - # Flux version: v0.20.0 + # This manifest was generated by flux. DO NOT EDIT. + # Flux Version: v0.25.3 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -12,19 +13,19 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: flux-system --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -236,7 +237,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -248,8 +249,8 @@ data: scope: Namespaced versions: - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL + - jsonPath: .spec.endpoint + name: Endpoint type: string - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready @@ -281,6 +282,33 @@ data: description: BucketSpec defines the desired state of an S3 compatible bucket properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object bucketName: description: The bucket name. type: string @@ -334,6 +362,8 @@ data: - interval type: object status: + default: + observedGeneration: -1 description: BucketStatus defines the observed state of a bucket properties: artifact: @@ -341,7 +371,7 @@ data: Bucket sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -467,7 +497,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -513,6 +543,33 @@ data: spec: description: GitRepositorySpec defines the desired state of a Git repository. properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object gitImplementation: default: go-git description: Determines which git client library to use. Defaults @@ -634,6 +691,8 @@ data: - url type: object status: + default: + observedGeneration: -1 description: GitRepositoryStatus defines the observed state of a Git repository. properties: artifact: @@ -641,7 +700,7 @@ data: repository sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -740,7 +799,7 @@ data: description: Artifact represents the output of a source synchronisation. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -797,7 +856,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -852,6 +911,33 @@ data: spec: description: HelmChartSpec defines the desired state of a Helm chart. properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object chart: description: The name or path the Helm chart is available at in the SourceRef. @@ -920,6 +1006,8 @@ data: - sourceRef type: object status: + default: + observedGeneration: -1 description: HelmChartStatus defines the observed state of the HelmChart. properties: artifact: @@ -927,7 +1015,7 @@ data: chart sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -1047,12 +1135,12 @@ data: kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -1357,11 +1445,20 @@ data: with an array of operation objects. items: description: JSON6902 is a JSON6902 operation object. - https://tools.ietf.org/html/rfc6902#section-4 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: + description: From contains a JSON-pointer value + that references a location within the target + document where the operation is performed. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. type: string op: + description: Op indicates the operation to perform. + Its value MUST be one of "add", "remove", + "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -1371,8 +1468,17 @@ data: - copy type: string path: + description: Path contains the JSON-pointer + value that references a location within the + target document where the operation is performed. + The meaning of the value depends on the value + of Op. type: string value: + description: Value contains a valid JSON structure. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -1812,7 +1918,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1858,6 +1964,33 @@ data: spec: description: HelmRepositorySpec defines the reference to a Helm repository. properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object interval: description: The interval at which to check the upstream for updates. type: string @@ -1898,6 +2031,8 @@ data: - url type: object status: + default: + observedGeneration: -1 description: HelmRepositoryStatus defines the observed state of the HelmRepository. properties: artifact: @@ -1905,7 +2040,7 @@ data: repository sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -2025,12 +2160,12 @@ data: kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -2200,13 +2335,12 @@ data: objects, capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains either a StrategicMerge or a JSON6902 - patch, either a file or inline, and the target the patch should - be applied to. + description: Patch contains an inline StrategicMerge or JSON6902 + patch, and the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. + description: Patch contains an inline StrategicMerge patch or + an inline JSON6902 patch with an array of operation objects. type: string target: description: Target points to the resources that the patch document @@ -2257,11 +2391,18 @@ data: description: Patch contains the JSON6902 patch document with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://tools.ietf.org/html/rfc6902#section-4 + description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: + description: From contains a JSON-pointer value that references + a location within the target document where the operation + is performed. The meaning of the value depends on the + value of Op, and is NOT taken into account by all operations. type: string op: + description: Op indicates the operation to perform. Its + value MUST be one of "add", "remove", "replace", "move", + "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -2271,8 +2412,15 @@ data: - copy type: string path: + description: Path contains the JSON-pointer value that + references a location within the target document where + the operation is performed. The meaning of the value + depends on the value of Op. type: string value: + description: Value contains a valid JSON structure. The + meaning of the value depends on the value of Op, and + is NOT taken into account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -2723,13 +2871,12 @@ data: objects, capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains either a StrategicMerge or a JSON6902 - patch, either a file or inline, and the target the patch should - be applied to. + description: Patch contains an inline StrategicMerge or JSON6902 + patch, and the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. + description: Patch contains an inline StrategicMerge patch or + an inline JSON6902 patch with an array of operation objects. type: string target: description: Target points to the resources that the patch document @@ -2781,11 +2928,18 @@ data: description: Patch contains the JSON6902 patch document with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://tools.ietf.org/html/rfc6902#section-4 + description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: + description: From contains a JSON-pointer value that references + a location within the target document where the operation + is performed. The meaning of the value depends on the + value of Op, and is NOT taken into account by all operations. type: string op: + description: Op indicates the operation to perform. Its + value MUST be one of "add", "remove", "replace", "move", + "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -2795,8 +2949,15 @@ data: - copy type: string path: + description: Path contains the JSON-pointer value that + references a location within the target document where + the operation is performed. The meaning of the value + depends on the value of Op. type: string value: + description: Value contains a valid JSON structure. The + meaning of the value depends on the value of Op, and + is NOT taken into account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -3100,12 +3261,12 @@ data: kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -3177,6 +3338,10 @@ data: required: - name type: object + suspend: + description: This flag tells the controller to suspend subsequent + events handling. Defaults to false. + type: boolean type: description: Type of provider enum: @@ -3300,12 +3465,12 @@ data: kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -3522,7 +3687,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: helm-controller namespace: flux-system --- @@ -3532,7 +3697,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: kustomize-controller namespace: flux-system --- @@ -3542,7 +3707,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: notification-controller namespace: flux-system --- @@ -3552,7 +3717,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: source-controller namespace: flux-system --- @@ -3562,7 +3727,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: crd-controller-flux-system rules: - apiGroups: @@ -3643,7 +3808,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -3663,7 +3828,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -3695,7 +3860,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: notification-controller namespace: flux-system @@ -3715,7 +3880,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: source-controller namespace: flux-system @@ -3735,7 +3900,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: webhook-receiver namespace: flux-system @@ -3755,7 +3920,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: helm-controller namespace: flux-system @@ -3774,7 +3939,7 @@ data: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -3784,7 +3949,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.12.1 + image: ghcr.io/fluxcd/helm-controller:v0.15.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3828,7 +3993,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: kustomize-controller namespace: flux-system @@ -3847,7 +4012,7 @@ data: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -3857,7 +4022,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.16.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.19.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3903,7 +4068,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: notification-controller namespace: flux-system @@ -3931,7 +4096,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.18.1 + image: ghcr.io/fluxcd/notification-controller:v0.20.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3979,7 +4144,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: source-controller namespace: flux-system @@ -4000,7 +4165,7 @@ data: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -4012,7 +4177,7 @@ data: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.17.0 + image: ghcr.io/fluxcd/source-controller:v0.20.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -4063,7 +4228,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: allow-egress namespace: flux-system spec: @@ -4083,7 +4248,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: allow-scraping namespace: flux-system spec: @@ -4103,7 +4268,7 @@ data: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: allow-webhooks namespace: flux-system spec: @@ -4115,7 +4280,6 @@ data: app: notification-controller policyTypes: - Ingress - --- sync.yaml: | {{- if .Values.flux.decryptionSecret }} --- diff --git a/deploy/site/cluster-icn/flux-system/gotk-components.yaml b/deploy/site/cluster-icn/flux-system/gotk-components.yaml index 3e9bbc3..acb71ef 100644 --- a/deploy/site/cluster-icn/flux-system/gotk-components.yaml +++ b/deploy/site/cluster-icn/flux-system/gotk-components.yaml @@ -1,5 +1,6 @@ --- -# Flux version: v0.20.0 +# This manifest was generated by flux. DO NOT EDIT. +# Flux Version: v0.25.3 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -7,19 +8,19 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: flux-system --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -231,7 +232,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -243,8 +244,8 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL + - jsonPath: .spec.endpoint + name: Endpoint type: string - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready @@ -276,6 +277,33 @@ spec: description: BucketSpec defines the desired state of an S3 compatible bucket properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object bucketName: description: The bucket name. type: string @@ -329,6 +357,8 @@ spec: - interval type: object status: + default: + observedGeneration: -1 description: BucketStatus defines the observed state of a bucket properties: artifact: @@ -336,7 +366,7 @@ spec: Bucket sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -462,7 +492,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -508,6 +538,33 @@ spec: spec: description: GitRepositorySpec defines the desired state of a Git repository. properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object gitImplementation: default: go-git description: Determines which git client library to use. Defaults @@ -629,6 +686,8 @@ spec: - url type: object status: + default: + observedGeneration: -1 description: GitRepositoryStatus defines the observed state of a Git repository. properties: artifact: @@ -636,7 +695,7 @@ spec: repository sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -735,7 +794,7 @@ spec: description: Artifact represents the output of a source synchronisation. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -792,7 +851,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -847,6 +906,33 @@ spec: spec: description: HelmChartSpec defines the desired state of a Helm chart. properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object chart: description: The name or path the Helm chart is available at in the SourceRef. @@ -915,6 +1001,8 @@ spec: - sourceRef type: object status: + default: + observedGeneration: -1 description: HelmChartStatus defines the observed state of the HelmChart. properties: artifact: @@ -922,7 +1010,7 @@ spec: chart sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -1042,12 +1130,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -1352,11 +1440,20 @@ spec: with an array of operation objects. items: description: JSON6902 is a JSON6902 operation object. - https://tools.ietf.org/html/rfc6902#section-4 + https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: + description: From contains a JSON-pointer value + that references a location within the target + document where the operation is performed. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. type: string op: + description: Op indicates the operation to perform. + Its value MUST be one of "add", "remove", + "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -1366,8 +1463,17 @@ spec: - copy type: string path: + description: Path contains the JSON-pointer + value that references a location within the + target document where the operation is performed. + The meaning of the value depends on the value + of Op. type: string value: + description: Value contains a valid JSON structure. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -1807,7 +1913,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1853,6 +1959,33 @@ spec: spec: description: HelmRepositorySpec defines the reference to a Helm repository. properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing + cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors + to which this ACL applies. Items in this list are evaluated + using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which + this ACL applies. An empty map of MatchLabels matches all + namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object interval: description: The interval at which to check the upstream for updates. type: string @@ -1893,6 +2026,8 @@ spec: - url type: object status: + default: + observedGeneration: -1 description: HelmRepositoryStatus defines the observed state of the HelmRepository. properties: artifact: @@ -1900,7 +2035,7 @@ spec: repository sync. properties: checksum: - description: Checksum is the SHA1 checksum of the artifact. + description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: description: LastUpdateTime is the timestamp corresponding to @@ -2020,12 +2155,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -2195,13 +2330,12 @@ spec: objects, capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains either a StrategicMerge or a JSON6902 - patch, either a file or inline, and the target the patch should - be applied to. + description: Patch contains an inline StrategicMerge or JSON6902 + patch, and the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. + description: Patch contains an inline StrategicMerge patch or + an inline JSON6902 patch with an array of operation objects. type: string target: description: Target points to the resources that the patch document @@ -2252,11 +2386,18 @@ spec: description: Patch contains the JSON6902 patch document with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://tools.ietf.org/html/rfc6902#section-4 + description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: + description: From contains a JSON-pointer value that references + a location within the target document where the operation + is performed. The meaning of the value depends on the + value of Op, and is NOT taken into account by all operations. type: string op: + description: Op indicates the operation to perform. Its + value MUST be one of "add", "remove", "replace", "move", + "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -2266,8 +2407,15 @@ spec: - copy type: string path: + description: Path contains the JSON-pointer value that + references a location within the target document where + the operation is performed. The meaning of the value + depends on the value of Op. type: string value: + description: Value contains a valid JSON structure. The + meaning of the value depends on the value of Op, and + is NOT taken into account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -2718,13 +2866,12 @@ spec: objects, capable of targeting objects based on kind, label and annotation selectors. items: - description: Patch contains either a StrategicMerge or a JSON6902 - patch, either a file or inline, and the target the patch should - be applied to. + description: Patch contains an inline StrategicMerge or JSON6902 + patch, and the target the patch should be applied to. properties: patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. + description: Patch contains an inline StrategicMerge patch or + an inline JSON6902 patch with an array of operation objects. type: string target: description: Target points to the resources that the patch document @@ -2776,11 +2923,18 @@ spec: description: Patch contains the JSON6902 patch document with an array of operation objects. items: - description: JSON6902 is a JSON6902 operation object. https://tools.ietf.org/html/rfc6902#section-4 + description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4 properties: from: + description: From contains a JSON-pointer value that references + a location within the target document where the operation + is performed. The meaning of the value depends on the + value of Op, and is NOT taken into account by all operations. type: string op: + description: Op indicates the operation to perform. Its + value MUST be one of "add", "remove", "replace", "move", + "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 enum: - test - remove @@ -2790,8 +2944,15 @@ spec: - copy type: string path: + description: Path contains the JSON-pointer value that + references a location within the target document where + the operation is performed. The meaning of the value + depends on the value of Op. type: string value: + description: Value contains a valid JSON structure. The + meaning of the value depends on the value of Op, and + is NOT taken into account by all operations. x-kubernetes-preserve-unknown-fields: true required: - op @@ -3095,12 +3256,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -3172,6 +3333,10 @@ spec: required: - name type: object + suspend: + description: This flag tells the controller to suspend subsequent + events handling. Defaults to false. + type: boolean type: description: Type of provider enum: @@ -3295,12 +3460,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.5.0 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -3517,7 +3682,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: helm-controller namespace: flux-system --- @@ -3527,7 +3692,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: kustomize-controller namespace: flux-system --- @@ -3537,7 +3702,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: notification-controller namespace: flux-system --- @@ -3547,7 +3712,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: source-controller namespace: flux-system --- @@ -3557,7 +3722,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: crd-controller-flux-system rules: - apiGroups: @@ -3638,7 +3803,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -3658,7 +3823,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -3690,7 +3855,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: notification-controller namespace: flux-system @@ -3710,7 +3875,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: source-controller namespace: flux-system @@ -3730,7 +3895,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: webhook-receiver namespace: flux-system @@ -3750,7 +3915,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: helm-controller namespace: flux-system @@ -3769,7 +3934,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -3779,7 +3944,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.12.1 + image: ghcr.io/fluxcd/helm-controller:v0.15.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3823,7 +3988,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: kustomize-controller namespace: flux-system @@ -3842,7 +4007,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -3852,7 +4017,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.16.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.19.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3898,7 +4063,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: notification-controller namespace: flux-system @@ -3926,7 +4091,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.18.1 + image: ghcr.io/fluxcd/notification-controller:v0.20.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3974,7 +4139,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 control-plane: controller name: source-controller namespace: flux-system @@ -3995,7 +4160,7 @@ spec: spec: containers: - args: - - --events-addr=http://notification-controller/ + - --events-addr=http://notification-controller.flux-system.svc.cluster.local/ - --watch-all-namespaces=true - --log-level=info - --log-encoding=json @@ -4007,7 +4172,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.17.0 + image: ghcr.io/fluxcd/source-controller:v0.20.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -4058,7 +4223,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: allow-egress namespace: flux-system spec: @@ -4078,7 +4243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: allow-scraping namespace: flux-system spec: @@ -4098,7 +4263,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.20.0 + app.kubernetes.io/version: v0.25.3 name: allow-webhooks namespace: flux-system spec: @@ -4110,4 +4275,3 @@ spec: app: notification-controller policyTypes: - Ingress ---- diff --git a/env/lib/common.sh b/env/lib/common.sh index cf73abe..26c9a65 100755 --- a/env/lib/common.sh +++ b/env/lib/common.sh @@ -46,7 +46,7 @@ CAPI_VERSION="v0.4.3" CAPM3_VERSION="v0.5.1" #The flux version to use -FLUX_VERSION="0.20.0" +FLUX_VERSION="0.25.3" #The sops version to use SOPS_VERSION="v3.7.1" -- 2.16.6